Log management
Teiren Docs tip: If you need more detailed technical explanations or are interested in adopting the product, please leave an inquiry on the Teiren website. The average response time is within 1-2 days.
You can view logs from both cloud and on-premises products integrated with SIEM at once. Analyze your company's security status through the complete log list, and create a more robust security environment by examining detailed logs.
The Teiren SIEM displays log details in a structured table format for easy viewing. The table includes columns for log type, event time, event type, source, source IP, destination, destination IP, and more. This format allows users to sort and filter logs based on these specific parameters, making log analysis and management efficient.
In addition to the table format, Teiren SIEM also provides log details in JSON (JavaScript Object Notation) format. Each log detail is represented as key-value pairs in a JSON object, offering users a more flexible way to interact with log data. This can be particularly useful for users who need to further process the log data or integrate it with other systems. Moreover, logs in JSON format can be easily exported and stored for future use.
Various search methods are available to find only the desired logs, providing a convenient search environment for users.
Column | Content |
---|---|
Log Type | Log type indicates the resource from which the log data was collected. For example, AWS cloud logs, Teiren SIEM application logs, Windows security logs, etc. |
Event Time | Event time indicates when the log event occurred. It is used in log analysis to understand the sequence of events or to find events within a specific time range. |
Event Type | Event type indicates the nature of the event that occurred. For example, there can be login events, error events, transaction events, etc. |
Source | Source indicates where the event originated. The source can include the system, application, network device, etc., where the event occurred. |
Source IP | Source IP indicates the IP address of the device that generated the event. This information is used to analyze security issues on the device or to study the flow of network traffic. |
Destination | Destination indicates where the data was sent. This information is often found in network logs and shows where data packets were directed. |
Destination IP | Destination IP indicates the IP address of the device to which the event data was sent. This information is used to understand the flow of network traffic or to analyze security issues on the device. |
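
As an added example (not Teiren's own code) of the further processing the JSON format allows, the script below filters an exported log list by time window and source network. The key names and sample records are constructed assumptions that mirror the table columns; they are not Teiren's documented schema.

```python
import ipaddress
import json
from datetime import datetime, timezone

# Constructed sample export. The key names are assumptions that mirror the
# table columns; they are not taken from Teiren's actual JSON schema.
SAMPLE_EXPORT = """[
 {"log_type": "aws", "event_time": "2024-05-01T10:15:00+09:00", "event_type": "ConsoleLogin",
  "source": "signin.amazonaws.com", "source_ip": "203.0.113.7", "destination_ip": "198.51.100.10"},
 {"log_type": "windows", "event_time": "2024-05-01T01:05:00+00:00", "event_type": "LogonFailure",
  "source": "WS-014", "source_ip": "203.0.113.45", "destination_ip": "198.51.100.20"},
 {"log_type": "aws", "event_time": "2024-05-01T01:30:00+00:00", "event_type": "ConsoleLogin",
  "source": "signin.amazonaws.com", "source_ip": "192.0.2.20", "destination_ip": "198.51.100.10"},
 {"log_type": "siem", "event_time": "2024-04-30T23:50:00+00:00", "event_type": "Error",
  "source": "app", "source_ip": "203.0.113.9", "destination_ip": "198.51.100.30"},
 {"log_type": "siem", "event_time": "2024-05-01T01:20:00+00:00", "event_type": "Error",
  "source": "app", "source_ip": "n/a", "destination_ip": "198.51.100.30"}
]"""

def parse_time(value):
    """Parse an ISO 8601 timestamp to UTC; a value without an offset is assumed to be UTC."""
    ts = datetime.fromisoformat(value)
    if ts.tzinfo is None:
        ts = ts.replace(tzinfo=timezone.utc)
    return ts.astimezone(timezone.utc)

def filter_logs(records, start, end, source_net):
    """Return (matches sorted by UTC event time, records rejected as malformed)."""
    net = ipaddress.ip_network(source_net)
    matches, rejected = [], []
    for rec in records:
        try:
            when = parse_time(rec["event_time"])
            src = ipaddress.ip_address(rec["source_ip"])
        except (KeyError, ValueError, TypeError):
            rejected.append(rec)  # keep these visible instead of dropping them silently
            continue
        if start <= when < end and src in net:
            matches.append((when, rec))
    matches.sort(key=lambda pair: pair[0])
    return [rec for _, rec in matches], rejected

if __name__ == "__main__":
    window_start = parse_time("2024-05-01T01:00:00+00:00")
    window_end = parse_time("2024-05-01T02:00:00+00:00")
    hits, bad = filter_logs(json.loads(SAMPLE_EXPORT), window_start, window_end, "203.0.113.0/24")
    for rec in hits:
        print(parse_time(rec["event_time"]).isoformat(), rec["log_type"], rec["event_type"], rec["source_ip"])
    print("rejected as malformed:", len(bad))
```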